Changelog

2024.3

Project Diagrams

  • Added fields to the endpoint GET /api/v2/projects/{project_id}/diagram
    • last_updated, updated_by

Projects

  • Added the Scan expand field to /api/v2/projects/{project_id}/survey/history/ endpoint.

Library Countermeasure

  • Added the following query params for /api/v2/library/tasks endpoint.
  • Added POST, PATCH & DELETE functionality to /api/v2/library/tasks/ endpoint.
  • Added POST, PATCH & DELETE functionality to /api/v2/library/tasks/ endpoint for match conditions.
  • Added the active as a permanent field to the results and deprecated the show_active filter, replacing it with a general active filter.
  • Added regulation, regulation__in, and regulation__isnull filters to GET api/v2/library/tasks/ endpoint.
  • Added type field, new ordering fields, and type__in and phase filters to the endpoint GET /api/v2/library/tasks/.
  • Added last_updated_date_from, last_updated_date_to, and last_updated_by filters to GET /api/v2/library/tasks/ endpoint.
  • Added last_updated_date, and last_updated_by ordering parameters to GET /api/v2/library/tasks/ endpoint.
  • Updated json response for library tasks list page to include match conditions for the expand param section.

Library Countermeasure Amendments Order

  • Added PATCH /api/v2/library/tasks/{task_id}/amendments/order/ endpoint to allow users to update the order of their Library Countermeasure Amendments.

Library Countermeasure Amendments

  • Added /api/v2/library/tasks/{task_id}/amendments/ endpoint to allow users to create, update, get, and delete their Library Countermeasure Amendments.

Library Countermeasure Implementations

  • Added /api/v2/library/tasks/{task_id}/implementations/ endpoint to allow users to create, update, get, and delete their Library Countermeasure Implementations.

Composite API

  • Added new API endpoint which allows users to batch requests.

Library Weaknesses

  • Added active field for Library Weaknesses on the /api/v2/library/problems/{problem_id} endpoint. Note: The active field can only be set on a POST or PATCH request if the ENABLE_MODIFY_WEAKNESS_ACTIVE_STATUS flag is enabled.
  • Added active field to Library Weaknesses related_tasks when using the related_tasks include filter on the /api/v2/library/problems/{problem_id} endpoint.
  • Added ordering for active field for Library Weaknesses on the GET api/v2/problems/ endpoint

Project Diagrams

  • Removed category from the data of diagram nodes returned by /api/v2/projects/{project_id}/diagram/ endpoint.

v2024.2

Component Questions

  • Added POST & PUT/PATCH functionality to /api/v2/library/componentquestions/ endpoint.

Projects

  • Added new API endpoint to update Project Classification ordinals in bulk.

Countermeasures

  • Added fields to the endpoint GET /api/v2/projects/{project_id}/tasks/?include=reason_for_inclusion

    • implying_answers, component_reason, component_explanation, introducing_components

  • Bulk Operations

  • Added new API endpoint to create, update, and delete Projects in bulk.

Project Classifications

  • Updated API endpoint: /api/v2/project-classifications/{id}/ to use id instead of ordinal.
  • Updated API endpoint: /api/v2/project-classifications/ to also list Project Classification id.
  • Updated API endpoint: /api/v2/projects/{project_id}/survey/draft/ to also list Project Classification id.
  • Updated API endpoint: /api/v2/projects/ to also list Project Classification id.
  • Updated API endpoint: /api/v2/risk-policies/{risk_policy_id}/ to also list Project Classification id.

Weakness

  • Added PATCH functionality for title, text, risk_rating, and cwe fields for weaknesses on the /api/v2/problems/{problem_id} endpoint.
  • Added DELETE functionality to /api/v2/problems/{problem_id} endpoint.
  • Added POST functionality to /api/v2/problems/ endpoint.

Manage

  • Added POST functionality to /api/v2/project-classifications/ endpoint.
  • Added new API endpoints to get, create, and delete Auth Integration connections.
  • "Survey Comments" has been renamed to "Project Survey Comments" in the guide and navigation menu.
  • Added additional project filter to the /api/v2/team-onboarding/scans/{scan_id}/ endpoint

Project Components

  • Added new field source

Team Onboarding

  • Updated existing API endpoints for Team Onboarding Connections to include two new fields (repo_full_name and integration_key).

v2024.1

Team Onboarding

  • Added new API endpoints to get Team Onboarding scans and to start a Team Onboarding scan job.
  • Added new API endpoints to get, create, update, and delete Team Onboarding connections.

Library

  • Added parent_answer field on /api/v2/library/componentquestions/ endpoint.
  • Added tree depth and path fields to the /api/v2/library/attributes/ endpoint response.
  • Added additional filters to the /api/v2/library/attributes/ endpoint: name, description, parent and depth. Added expand filter for path.
  • Added Create and Update endpoints to /api/v2/library/attributes/
  • Added Beta notes for /api/v2/library/componentquestions/, /api/v2/library/attributes/, and /api/docs/library-components/ endpoints.

Profiles

  • Added ordering for active field for profiles on the GET api/v2/profiles/ endpoint
  • Added the following query params for /api/v2/profiles/ endpoint.
    • type__in
    • active__in
  • Added PATCH functionality for active, answers, default, description, and name fields for custom profiles on the /api/v2/profiles/{profile_id} endpoint.
  • Added DELETE functionality to /api/v2/profiles/{profile_id} endpoint.
  • Added POST functionality to /api/v2/profiles/ endpoint.
  • Added readonly created_by, created_date, last_updated_date, and last_updated_by fields

v2023.4

Advanced Reports

  • Added new Trend Reporting contexts for query field on POST api/v2/queries/ and PATCH api/v2/queries/{query_id}/ endpoints.
  • Added timeDimensions field to the query field on POST api/v2/queries/ and PATCH api/v2/queries/{query_id}/ endpoints.
  • Added type field on POST api/v2/queries/ and PATCH api/v2/queries/{query_id}/ endpoints.

Library

  • Added the /api/v2/library/component-icons/ endpoint to provide a list of available icons for Library Components.
  • Added icon_slug and icon_url fields to the /api/v2/library/components/ endpoint.

v2023.3

General

  • Revised terminology to align with industry standards. Problems will now be referred to as Weaknesses, and Tasks will be referred to as Countermeasures.

Automation

  • Added /api/v2/automation/trigger-event/ endpoint to allow users to trigger the automations.

Diagrams

  • Deprecated /api/v2/projects/{project_id}/diagram/

Library

  • Added the Library Component Question, and Subquestions when answers are expanded, to the /api/v2/library/componentquestions/ endpoint.

Library attributes

  • Added Library Attributes endpoint.

Library components

  • Added an expandable implied_attributes field in /api/v2/library/components/{component_id}/ and /api/v2/library/components/ endpoints.
  • Added component_questions field in /api/v2/library/components/ endpoint.

v2023.2

Users

  • Added external_id field in /api/v2/users/ endpoint.

Projects

  • Added external_id field in /api/v2/projects/ endpoint.
  • Added relevant_via_survey element to GET /api/v2/projects/{project_id}/tasks/ endpoint.

Project Survey History

  • Added answer expand filter option in the /api/v2/projects/1/survey/history/ endpoint.
  • Added visible_only query parameter
  • Added carried_over_history include parameter to /api/v2/projects/{project_id}/survey/history/ endpoint.

Project Survey Draft

  • Added dirty field to the /api/v2/projects/{project_id}/survey/draft/ endpoint.

Diagrams

  • Updated response to reflect CAM JSON returning from /api/v2/projects/{project_id}/diagram/ instead of Cytoscape JSON.

v2023.1

Library components

  • Added type field in /api/v2/library/components/{component_id}/ and /api/v2/library/components/ endpoints.
  • Updated default ordering for library components in /api/v2/library/components/ to be by title as opposed to id previously.
  • Updated PUT/PATCH /api/v2/library/components/{component_id}/ endpoint to allow updating Built-in Component fields other than hidden.
  • Added hidden filter param to /api/v2/library/components/ endpoint.
  • Added search by title capability to /api/v2/library/components/ endpoint.

SSO

  • Added /api/v2/sso/ endpoint to allow users to get and update their SSO type.
  • Added GET method for /api/v2/sso/saml/ api endpoint to configure SAML settings on the SSOSettings model
  • Added /api/v2/sso/saml/role-mappings/ endpoint to allow users to create, update, get, and delete their SAML Role Mappings.
  • Added /api/v2/sso/saml/group-mappings/ endpoint to allow users to create, update, get, and delete their SAML Group Mappings.

v2022.4

  • Updated answer_mapping field in /api/v2/library/components/{component_id}/ and /api/v2/library/components/ endpoints.
  • Updated is_active field for GET /api/v2/library/answers/ and GET /api/v2/library/answers/{answer_id}/
  • Added the Project Threats /api/v2/projects/{project_id}/threats/ endpoint.
  • Added the /api/v2/connectors/analysis/{id}/mapping/ endpoint to allow uploading Custom Countermeasure Mappings for Verification Connectors.
  • Added GET /api/v2/plugins/analysis/{plugin_id}/mapping endpoint.
  • Added the Connected Component /api/v2/projects/{project_id}/connected-component/ endpoint.
  • Added the connected_components field to the /api/v2/projects/ and /api/v2/projects/{project_id}/ endpoints. This is connected to the component generated by the project, if any. It is null when there's no connected component, and component_id when a connected component has been created.
  • Added schemas field to query parameter in the /queries/{query_id}/ endpoint.
  • Added PATCH functionality to /api/v2/library/answers/{answer_id}/endpoint for the is_active field.
  • Moved the threats_count field under /api/v2/projects/ endpoint to the Project Threats endpoint, and renamed it to total_threats_count.
  • Renamed the weaknesses field on the Library Threats endpoint to problems.
  • System administrators have access to /api/v2/sso/saml/ and /api/v2/sso/

v2022.3

  • Updated documentation for GET /api/v2/flags/ about the changes to its permission.
  • Added /api/v2/projects/{project_id}/survey/comments-details/ endpoint.
  • Added /dashboards/{dashboard_id}/ endpoint.
  • Added /dashboards/{dashboard_id}/preferences/ endpoint
  • Added /dashboards/default/ endpoint.
  • Added threats_count field under /api/v2/projects/ endpoint and threats_count under /api/v2/projects/{project_id}/components/ endpoint
  • Added the /api/v2/library/capecs/ endpoint to return all active Library CAPECs.
  • Updated pinned_survey_comments_retention entry in the Fields table to accept one of the following string values NO_COMMENTS, REQUIRED, ALL_PINNED.
  • Added a comment_required field to questions and subquestions in the Project Survey Draft endpoint when including a survey section.
  • Added the Library Threats /api/v2/library/threats endpoint.

v2022.2

  • Added url field under reason_for_inclusion field of /api/v2/projects/{project_id}/tasks/ endpoint.
  • Added the /api/v2/flags/ API for toggling product features.
  • Added /queries/{query_id}/ endpoint.
  • Added CubeAPI documentation for Advanced Reporting.
  • Added /api/v2/projects/{project_id}/diagram/ endpoint.

v5.20

  • Added Library Components, Project Component, Component Task Status Mappings and Project Component Updates endpoints.

v5.19

Added the backup restore API.

v5.18

  • Added reason_for_inclusion include parameter to /api/v2/projects/{project_id}/tasks/ endpoint.

v5.17

  • Added a pinned_survey_comments_retention entry to the Fields table for creating new Project Releases.

v5.14

  • Added task_ids optional payload field to /api/v2/projects/{project_id}/task-updates/ endpoint.

v5.13

  • Added project_locked field to project/{project-id} endpoint. Note: The project_locked field can only be edited if the ENABLE_PROJECT_LOCKING flag is enabled.

v5.12

  • Added tasks_count filter param to project/{project-id}/problems/ endpoint.
  • Added missing slug field to business_unit query parameters.
  • Added Project Specific Problems carryover fields to Releases endpoint.
  • Added project/{project-id}/survey/comments/ endpoint.

v5.11

  • Added release_project field to projects endpoint.

v5.10

  • Fixed examples in the Applications endpoints to have business_unit match the actual API behavior.

v5.9

  • Added a source filter to Project Problems endpoint.
  • Added endpoints to POST (create), PATCH (update), and DELETE (delete) project specific Problems.
    • Added project_specific to output of all Project Problem endpoint responses
  • Added library/cwes endpoint for listing and retrieving active CWEs
  • Added problem field to the Tasks endpoint for changing the Problem of a project specific Task
    • Added problem to output of all Task endpoint responses
    • Added expand parameter expand=problem to Task endpoints

v5.8

  • Added new filters for Project Problem Tasks
  • Added db_id field to Library content API endpoints:
    • Library Tasks (api/v2/library/tasks/)
    • Answers (api/v2/library/answers/)
    • Library Problems (api/v2/library/problems/)
    • Phases (api/v2/phases)

v5.7

  • Added created and last_updated fields to risk factors.
  • Updated Project Problems and Project Problem Tasks endpoint URLs with new problem_id format.
  • Removed the related_tasks include parameter from the Project Problems endpoint.

v5.6

  • Updated description expand parameter for Tasks endpoint to text
  • Added endpoint for Project Problems.
  • Added endpoint for associated Tasks of Project Problems.
  • Moved Answers section to Library Answers for consistency.
  • Added project/{project-id}/survey/history endpoint for listing project survey changes.

v5.5

  • Added risk-factors endpoint.
  • Added factor_expression field to project classifications endpoint.
  • Added requires_comment field to task statuses

v5.4

  • Updated documented Library Problems endpoints.

v5.3

  • Added endpoints for Events and Actions in Automation.
  • Added active field to Profile resources in /profiles/ endpoint.
  • Added active field to nested profile field within project resources

v5.2

  • Added library/content-pack endpoint for Library Content Packs.
  • Added automation/event-filters endpoint
  • Added automation/events endpoint
  • Added automation/actions endpoint

v5.1

  • Add is_unclassified field to Project Classifications.
  • Add unclassified include parameter to Project Classifications.
  • LDAP Connections:
    • Removed ldap_start_tls field
    • Added ldap_method field.
      • The accepted ldap_method value that replaces ldap_start_tls is ldap_tls.

v5.0

  • Added verification_categories to connector/connection endpoints.
  • Added answers endpoint.
  • Added project-classifications endpoint for Project Classifications.
  • Added read-only project_classification field to Projects endpoint.
  • Added read-only project_classifications field to Risk Policies.
  • Added project_classification field to Project Survey Draft endpoint.
  • Added matched_classification_answers field to Project Survey Draft endpoint.

v4.23

  • Added group-mappings endpoint for LDAP connection.

v4.22

  • Added answers and deselect_answers to Project and Release endpoint.
    • Ability to select and deselect survey answers when creating a new project or release.
  • Added missing documentation for the carryover_project_specific_tasks field in the Create a Release endpoint.
    • Determines whether to retain project specific tasks in a new release.

v4.21

  • Added facets parameter to Tasks endpoint.
    • Tasks endpoint now performs basic faceting to show task counts by phase.
  • Added Remote Integration Agent endpoint.

v4.20

  • Added Task Note examples for POST (create) and PATCH (update).

v4.19

  • Added Project Analysis file upload endpoint.

v4.18

  • Added Compliance Regulations endpoint.
  • Added Verification Status endpoint.
  • Updated Risk Policy endpoint.
    • Added conditions.statuses field.
    • Merged existing conditions.task_statuses field into conditions.statuses.
    • filters.regulations now returns item IDs instead of a slug.
  • Tasks without a verification status will now display the value "none" instead of none in the verification_status field.

v4.17

  • Added alm_auth_mode and analysis_auth_mode to ALM and Verification Connection params.
    • Supported values are basic or api_token.
  • Added api_token as an additional authentication mode for CA Agile Central.
  • Added custom lookup filtering to the name field in the activities and project-activities endpoint.
  • Added regulations field to the Risk Policy endpoint.
  • Removed filtering of risk policies by phases, tags, task_statuses
  • Added combined jobs (ALM/Analysis/LDAP) endpoint
  • Added project filter to the Verification Connections endpoint

v4.16

  • Added is_file_upload field for Verification connections.
  • Added filtering to Analysis Plugins endpoint:
    • Can now filter by is_file_upload.

v4.15

  • Added Analysis Plugins endpoint.

v4.14

  • Added archived field to the parent field of Projects and Releases endpoints:
    • The url field on the Project resource and on the parent field will now return a null value if it is meaningless (i.e. archived projects don't have valid urls).
  • Added risk_relevant filter to Tasks endpoint.
  • Added status_note field to Tasks endpoint. Allows a note to be added when changing the status of a Task.
  • Added hidden include parameter to Project Survey endpoint. Allows hidden answers and questions to be displayed.

v4.13

  • Added key_hint_text and value_hint_text to alm-plugins to provide more details when labelling JSON fields.
  • Added risk_rating field to expanded problem field in Library and Project Tasks.
  • Added became_relevant field to Tasks.
  • Added last_note and last_verification include filters to Tasks.
  • Added application expand filter to Projects.

v4.12

  • Added writable project-level tagging to Tasks.
  • Task tags can be expanded into library-level & project-level tags.
  • Added Risk Policy endpoint.
  • Updated Business Units/Applications/Projects endpoints with risk policy fields.
  • Added debug_mode field to Verification Connections and ALM Connections.
  • Removed redundancy of nesting the survey twice on the project survey endpoint.
  • Added profile_draft, survey_complete and survey_dirty fields to projects endpoint.

v4.11

  • Dropped references to PUT in the docs, to encourage the use of PATCH.
  • Updated the structure of the filters field in the report-settings endpoint.
  • Added search capabilities to phases endpoint.
  • Added documentation for Project Release endpoint (previously undocumented).
  • Added test endpoints for connectors and connections.

v4.10

  • Added support for creation and deletion of manually added library tasks to Tasks endpoint:
    • Added manually_added_from_library field to Task resources.
    • Added manually_added_from_library field to Assigned Task.
    • The ad_hoc field has been renamed to project_specific.

v4.9

  • Added tags to the Application endpoint.
  • Added application_tags to Project endpoint.
  • Changed related_tasks to include the title, phase, and url of each related task in the Tasks and specific Task endpoints.
  • Changed notify_tasks attribute of UserProfile to include id, name.
  • Changed updater field to be expanded by default in Task Notes endpoint.

v4.8

  • Renamed base to base_project for the Project endpoint.
  • Added incomplete_tasks include filter and redesign task_counts include filter on projects endpoint.
  • Removed business_unit as expand filter.
  • Expanded instances of business_unit in applications by default.
  • Added ALM plugins endpoint, which returns metadata for each ALM integration. Used to render ALM forms.
  • Added params field to connector endpoint & make connector endpoint writeable.

v4.7

  • Added base (original project that spawned any number of new releases) to the Project endpoint. (Note: this field will be renamed to base_project in v4.8.)

v4.6

  • Added persist_phases to Business Unit endpoint.
  • Added updater and updated fields to Analysis Note endpoint.
  • Renamed ldap group query field to group base dn.
  • Original SDE phases can now be edited via the API.

v4.5

  • Phases can be created, edited, or deleted.
  • Changed the value of user to email instead of id, since we filter users by email.
  • Password can be changed, password metadata retrieved on GET (session / basic authentication only).
  • Password reset questions can be created, edited, or deleted.
  • API tokens can be generated, revoked or regenerated.
  • Email notification settings can be updated.
  • Group endpoint now has sync_connections include filter to fetch LDAP connections that reference groups.
  • Group can no longer be deleted if referenced by LDAP connection.
  • User Profile can be retrieved or updated via /users/me/.
  • LDAP Connections:
    • Added ldap_start_tls.
    • Removed ldap_method.
    • Renamed deactivation to deactivate_stale_users.
    • Change group_mapping to use SDE group ids instead of group names.

v4.4

  • Added include field last_job for connections returned by the ALM, Analysis and LDAP Connection endpoints.
  • Added updaterfield tasks returned from the tasks endpoint.
  • Added documentation for LDAP connections and jobs.
  • LDAP Connections can be created, edited, or deleted.
  • LDAP Jobs can be initiated or the results may be submitted.
  • Global Roles can be deleted.
  • Projects endpoint now has include parameter to get the completion data by phases.
  • Added Project Activity endpoint.
  • Add is_creator to users in Projects endpoint.

v4.3

  • Initiate a password reset via the API (session / basic authentication only).
  • Global roles can be created, edited, or deleted.

v4.2

  • Added documentation for session and basic authentication.
  • Business Units, Groups, and Tasks includes the role of the users the resource returns.
  • Included the first name, last name for the users returned by the tasks endpoint.
  • ALM and Verification Connections include whether they are accessible or not, and the id of their parent Connector.
  • ALM and Verification Connections can be created, edited, or deleted.
  • ALM sync jobs can be initiated by POSTing to the alm jobs endpoint.
  • Analysis import jobs can be initiated by POSTing to the analysis jobs endpoint.
  • Project Role can be ordered and searched for by name.
  • (Customer created) Project Roles can be deleted.
  • Users endpoint returns if a password reset is in progress.

v4.1, v4.0, v3.9, etc.

  • The dark times where we had no change log.

results matching ""

    No results matching ""